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DETAILED ACTION 
Priority 

1 . No claim for priority has been made in this application. 

2. The effective filing date for the subject matter defined in the pending claims in 
this application is 1 2/1 2/2000. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1 - 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Anderson (Publication Number: 6108787), hereinafter referred to as Anderson, in view 
of Bowman-Amuah (Patent Number: 6081518), hereinafter referred to as Bowman- 
Amuah). 

4. As per claims 1 and 3, Anderson teaches a method of allowing access by a 
workstation connected to a first network of a highest security level, to information in a 
second network of a lower security level, the method comprising the steps of: 
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a. routing connections for input devices for the workstation to a proxy in the second 
network (Anderson, see inter alia, Figure 2 and Column 5 Line 20 - 30); 

5. Anderson does not teach establishing a remotable session in the second 
network. 

6. Bowman-Amuah teaches: 

b. establishing a remotable session in the second network (Bowman-Amuah, see 
inter alia, Column 44 Line 1 - 7, Column 1 Line 44 - 48, Column 1 6 Line 65 - 67, 
Column 1 7 Line 8-15, Column 21 Line 60 - 61 , and Column 61 Line 1 9 - 22); 

7. It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Bowman-Amuah within the system of 
Anderson because (a) Anderson discloses the information diode architecture in a 
network environment using gateway for information filtering (Anderson, see inter alia, ~ 
Figure 2 and Column 5 Line 20 - 30) and Bowman-Amuah teaches the intelligent 
networks composed of proxy servers and the common well-known purposes of the 
proxy server are filter information requests, improve performance, and share network 
connections; besides, (b) Anderson discloses the issue that each pair of networks as a 
building block has an input device and switch in conjunction with the information diode 
(Anderson, see inter alia, Figure 3 Element 48) but however, any general or even 
special means is also applicable (Anderson, see inter alia, Column 6 Line 6-9 and 
Column 6 Line 45 - 48) and Bowman-Amuah teaches centralized command and controls- 
by using the remote session techniques (Bowman-Amuah, see inter alia, Column 16 
Line 65 - 67, Column 17 Line 8 - 15) as well as the hybrid network architecture 
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providing an intelligent network solution (Bowman-Amuah, see inter alia, Column 1 Line 
44-48). 

8. Anderson as modified further teaches: 

c. connecting the input devices to the remotable session through the proxy in the 
second network so that the input devices are operable to control applications running in 
the remotable session (Bowman-Amuah, see inter alia, Column 44 Line 1 - 7, Column 1 
Line 44 - 48, Column 1 6 Line 65 - 67, Column 1 7 Line 8-15, Column 21 Line 60 - 61 , 
and Column 61 Line 19 - 22); 

d. sending output from the remotable session through the proxy in the second 
network to a proxy in the first network through a diode that ensures that information only 
flows in one direction (Anderson, see inter alia, Column 2 Line 53 - 59 and Figure 8); 

e. forwarding the output from the proxy in the first network to a remote session 
viewer at the workstation (Anderson: see inter alia, Column 1 Line 59 - 62 & Bowman- 
Amuah: see inter alia, Column 21 Line 60 - 61 , Column 61 Line 1 9 - 22 and Column 1 0 
Line 60 -65). 

9. As per claims 5, 7, and 12, Anderson teaches a method of operating a server to 
proxy access by a workstation connected to a first network of a highest security level, to 
information in a second network of a lower security level, the method comprising the 
steps of: : :f: 

a. establishing a remotable session in the second network (Bowman-Amuahi see 
inter alia, Column 44 Line 1 - 7, Column 1 , Line 44 - 48, Column 16 Line 65 - 67, 



Application/Control Number: 09/735,1 1 7 Page 5 

Art Unit: 2131 

Column 17 Line 43 -45, Line 44 -50, Column 21 Line 60-61, and Column 61 Line 19 
-22); 

b. connecting the input devices to the remotable session through the server so that 
the input devices are operable to control applications running in the remotable session 
(Bowman-Amuah, see inter alia, Column 4 Line 43 - 46, Column 44 Line 1 - 7, Column 

I , Line 44 - 48, Column 1 6 Line 65 - 67, Column 1 7 Line 43 - 45, Line 44 - 50, 
Column 21 Line 60 - 61 , and Column 61 Line 19 - 22); 

10. Bowman-Amuah does not teach sending output from the remotable session to 
the first network through a diode that ensures that information only flows from the server 
in the second network to the first network. 

I I . Anderson teaches: 

c. sending output from the remotable session to the first network through a diode 
that ensures that information only flows from the server in the second network to the 
first network (Anderson, see inter alia, Column 2 Line 53 - 59 and Figure 8). 

12. It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Bowman-Amuah within the system of 
Anderson because (a) Anderson discloses the information diode architecture in a 
network environment using gateway for information filtering (Anderson, see inter alia, 
Figure 2 and Column 5 Line 20 - 30) and Bowman-Amuah teaches the intelligent 
networks composed of proxy servers and the common well-known purposes of the 
proxy server are filter information requests, improve performance, and share network 
connections; besides, (b) Anderson discloses the issue that each pair of networks as a 
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building block has an input device and switch in conjunction with the information diode 
(Anderson, see inter alia, Figure 3 Element 48) but however, any general or even 
special means is also applicable (Anderson, see inter alia, Column 6 Line 6-9 and 
Column 6 Line 45 - 48) and Bowman-Amuah teaches centralized command and control 
by using the remote session techniques (Bowman-Amuah, see inter alia, Column 16 
Line 65 - 67, Column 17 Line 8 - 15) as well as the hybrid network architecture 
providing an intelligent network solution (Bowman-Amuah, see inter alia, Column 1 Line 
44-48). 

1 3. As per claim 1 1 , Anderson teaches apparatus for granting access by a 
workstation connected to a first network of a highest security level, to information in a 
second network of a lower security level, the apparatus comprising: 

a. means for establishing a remotable session in the second network (Bowman- 
Amuah, see inter alia, Column 44 Line 1-7, Column 1 , Line 44-48, Column 1 6 Line 
65 - 67, Column 1 7 Line 43 - 45, Line 44 - 50, Column 21 Line 60 - 61 , and Column 
61 Line 19-22); 

b. means for connecting the input devices to the remotable session so that the input 
devices are operable to control applications running in the remotable session (Bowman- 
Amuah, see inter alia, Column 44 Line 1 - 7, Column 1 , Line 44 - 48, Column 1 6 Line 
65 - 67, Column 1 7 Line 43 - 45, Line 44 - 50, Column 21 Line 60 - 61 , and Column 
61 Line 19-22); ■ ■ ' - 
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14. Bowman-Amuah does not teach means for sending output from the remotable 
session to the first network through a diode that ensures that information only flows from 
the second network to the first network. 

15. Anderson teaches: 

c. means for sending output from the remotable session to the first network through 
a diode that ensures that information only flows from the second network to the first 
network (Anderson, see inter alia, Column 2 Line 53 - 59 and Figure 8). 

16. It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Bowman-Amuah within the system of 
Anderson because (a) Anderson discloses the information diode architecture in a 
network environment using gateway for information filtering (Anderson, see inter alia, 
Figure 2 and Column 5 Line 20 - 30) and Bowman-Amuah teaches the intelligent 
networks composed of proxy servers and the common well-known purposes of the 
proxy server are filter information requests, improve performance, and share network 
connections; besides, (b) Anderson discloses the issue that each pair of networks as a 
building block has an input device and switch in conjunction with the information diode 
(Anderson, see inter alia, Figure 3 Element 48) but however, any general or even 
special means is also applicable (Anderson, see inter alia, Column 6 Line 6-9 and 
Column 6 Line 45-48) and Bowman-Amuah teaches centralized command and control 
by using the remote session techniques (Bowman-Amuah, see inter alia, Column 16 ~ 
Line 65 - 67, Column 17 Line 8 - 15) as well as the hybrid network architecture 
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providing an intelligent network solution (Bowman-Amuah, see inter alia, Column 1 Line 
44-48). 

1 7. As per claim 2, 6 and 8, Anderson as modified teaches the claimed invention as 
described above (see claim 1, 5 and 7 respectively). Anderson as modified further 
teaches the establishing step includes sending a login screen and further comprising 
the step of receiving login information for a user at the second network (Anderson: see 
inter alia, Column 1 Line 55 - 57). 

18. As per claim 9, 10 and 13, Anderson as modified teaches the claimed invention 
as described above (see claim 7, 8 and 12 respectively). Anderson as modified further 
teaches sending output further include instructions for software throttling (Bowman^ 
Amuah, see inter alia, Column 4 Line 18-22 and Column 16 Line 32). 

19. As per claim 4, Anderson teaches a system for selectively allowing access by a 
workstation connected to a plurality of networks to information in a network of the 
highest security level or in a selected network from one or more other networks of lower 
security levels, the system comprising: 

a. a switching unit for selectively routing connections for input devices to the 
workstation or to the selected network (Anderson, see inter alia, Figure 2 Element 16 
and Figure 3 Element 48); 
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20. Anderson does not teach a plurality of programmable computer systems 
disposed in the plurality of networks, each of the programmable computer systems 
operable to execute applications under the control of the workstation. 

21. Bowman-Amuah teaches: 

b. a plurality of programmable computer systems disposed in the plurality of 
networks, each of the programmable computer systems operable to execute 
applications under the control of the workstation (Bowman-Amuah, see inter alia, 
Column 44 Line 1 - 7, Column 1 Line 44 - 48, Column 1 6 Line 65-67, Column 1 7 Line 
8-15, Column 21 Line 60 - 61 , and Column 61 Line 1 9 - 22); 

22. It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Bowman-Amuah within the system of 
Anderson because (a) Anderson discloses the information diode architecture in a 
network environment using gateway for information filtering (Anderson, see inter alia, 
Figure 2 and Column 5 Line 20 - 30) and Bowman-Amuah teaches the intelligent 
networks composed of proxy servers and the common well-known purposes of the 
proxy server are filter information requests, improve performance, and share network 
connections; besides, (b) Anderson discloses the issue that each pair of networks as a 
building block has an input device and switch in conjunction with the information diode 
(Anderson, see inter alia, Figure 3 Element 48) but however, any general or even 
special means is also applicable (Anderson, see inter alia, Column 6 Line.6 - 9 and 
Column 6 Line 45-48) and Bowman-Amuah teaches centralized command and control " 
by using the remote session techniques (Bowman-Amuah, see inter alia, Column 16 



Application/Control Number: 09/735,1 17 Page 10 

Art Unit: 2131 

Line 65 - 67, Column 17 Line 8 - 15) as well as the hybrid network architecture 
providing an intelligent network solution (Bowman-Amuah, see inter alia, Column 1 Line 
44 - 48). 

23. Anderson as modified further teaches: 

c-1 . a plurality of diode servers disposed one each in each of the plurality of 
networks, each diode server in the one or more other networks connected to the 
switching unit and at least one programmable computer system and operable as a 
proxy to connect the switching unit to a remotable session in the selected network 
(Bowman-Amuah, see inter alia, Column 6 Line 6-9, Column 6 Line 43 - 47, Column 
44 Line 1 - 7, Column 1 Line 44 - 48, Column 1 6 Line 65 - 67, Column 1 7 Line 8-15, 
Column 21 Line 60 - 61 , and Column 61 Line 19 - 22), 

c-2 a selected diode server further operable to forward output from the remotable 
session to the network of the highest security level for display in a remote session 
viewer at the workstation (Anderson, see inter alia, Column 2 Line 53 - 59, Column 1 
Line 59 - 62, Figure 3 and Figure 8 & Bowman-Amuah: see inter alia, Column 21 Line 
60 - 61 , Column 61 Line 1 9 - 22 and Column 1 0 Line 60 - 65). 
d. one or more diodes disposed one each between a diode server in one of the one 
or more other networks and a diode server in the network of the highest security level 
so that information can flow only from the selected network to the network of the highest 
security level (Anderson, see inter alia, Column 2 Line 53 - 59, Column- 1 Line' 59 -j62, 
Figure 3 and Figure 8 & Bowman-Amuah, see inter alia, Column 6 Line 6 - 9, Column 6 - 



Application/Control Number: 09/735,1 17 Page 1 1 

Art Unit: 2131 

Line 43 - 47, Column 44 Line 1 - 7, Column 1 Line 44 - 48, Column 1 6 Line 65 - 67, 
Column 17 Line 8-15, Column 21 Line 60 - 61 , and Column 61 Line 19 - 22). 

24. As per claim 14, Anderson teaches a system for allowing access by a 
workstation connected to a first network of a highest security level, to information in a 
second network of a lower security level, the system comprising: 

a. a diode handler object for communicating between the system and a diode that 
allows information to flow in only one direction (Anderson, see inter alia, Column 2 Line 
53 - 59, Column 1 Line 59 - 62, Figure 3 and Figure 8); 

25. Anderson does not teach a proxy server object for interconnecting the diode 
handler object to a remotable session viewer in the workstation. 

26. Bowman-Amuah teaches: 

b. a proxy server object for interconnecting the diode handler object to a remotable 
session viewer in the workstation (Bowman-Amuah, see inter alia, Column 6 Line 6-9, 
Column 6 Line 43 - 47, Column 44 Line 1 - 7, Column 1 Line 44 - 48, Column 16 Line 
65 - 67, Column 1 7 Line 8-15, Column 21 Line 60 - 61 , and Column 61 Line 1 9 - 22). 

27. It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Bowman-Amuah within the system of 
Anderson because (a) Anderson discloses the information diode architecture in a 
network environment using gateway for information filtering (Anderson, see inter alia, 
Figure 2 and Column 5 Line 20 - 30) and Bowman-Amuah teaches the intelligent 
networks composed of proxy servers and the common well-known purposes of the 
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proxy server are filter information requests, improve performance, and share network 
connections; besides, (b) Anderson discloses the issue that each pair of networks as a 
building block has an input device and switch in conjunction with the information diode 
(Anderson, see inter alia, Figure 3 Element 48) but however, any general or even 
special means is also applicable (Anderson, see inter alia, Column 6 Line 6-9 and 
Column 6 Line 45 - 48) and Bowman-Amuah teaches centralized command and control 
by using the remote session techniques (Bowman-Amuah, see inter alia, Column 16 
Line 65 - 67, Column 17 Line 8 - 15) as well as the hybrid network architecture 
providing an intelligent network solution (Bowman-Amuah, see inter alia, Column 1 Line 
44-48). 

28. As per claim 15, Anderson teaches a system for allowing access by a . 
workstation connected to a first network of a highest security level, to information in a 
second network of a lower security level, the system comprising: 

a. a diode handler object for communicating between the system and a diode that 
allows information to flow in only one direction (Anderson, see inter alia, Column 2 Line 
53 - 59, Column 1 Line 59 - 62, Figure 3 and Figure 8); 

29. Anderson does not teach a proxy client object for interconnecting the diode 
handler object to a remotable session. 

30. Bowman-Amuah teaches: ~~. -"".""'* 

b. a proxy client object for interconnecting the diode handler object to a remotable * 
session (Bowman-Amuah, see inter alia, Column 6 Line 6-9, Column 6 Line 43 - 47, 
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Column 44 Line 1 - 7, Column 1 Line 44 - 48, Column 16 Line 65 - 67, Column 17 Line 
8-15, Column 21 Line 60 - 61, and Column 61 Line 19 - 22). 

31 . It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Bowman-Amuah within the system of 
Anderson because (a) Anderson discloses the information diode architecture in a 
network environment using gateway for information filtering (Anderson, see inter alia, 
Figure 2 and Column 5 Line 20 - 30) and Bowman-Amuah teaches the intelligent 
networks composed of proxy servers and the common well-known purposes of the 
proxy server are filter information requests, improve performance, and share network 
connections; besides, (b) Anderson discloses the issue that each pair of networks as a 
building block has an input device and switch in conjunction with the information diode 
(Anderson, see inter alia, Figure 3 Element 48) but however, any general or even 
special means is also applicable (Anderson, see inter alia, Column 6 Line 6-9 and 
Column 6 Line 45 - 48) and Bowman-Amuah teaches centralized command and control 
by using the remote session techniques (Bowman-Amuah, see inter alia, Column 16 
Line 65 - 67, Column 17 Line 8 - 15) as well as the hybrid network architecture 
providing an intelligent network solution (Bowman-Amuah, see inter alia, Column 1 Line 
44 - 48). 

32. Anderson as modified further teaches: 

c. a switch handler object connected to the proxy client object for communicating 7 " 
between the proxy client object and a switching unit (Anderson, see inter alia, Column 2 
Line 53 - 59, Column 1 Line 59 - 62, Figure 3 and Figure 8 & Bowman-Amuah, see 
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inter alia, Column 6 Line 6-9, Column 6 Line 43 - 47, Column 44 Line 1 - 7, Column 1 
Line 44 -48, Column 16 Line 65-67, Column 17 Line 8- 15, Column 21 Line 60-61, 
and Column 61 Line 19 - 22). 

33. As per claim 16, Anderson as modified teaches the claimed invention as 
described above (see claim 15). Anderson as modified further teaches the diode 
handler object applies software throttling to the information (Bowman-Amuah, see inter 
alia, Column 4 Line 18-22 and Column 16 Line 32). 

34. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Anderson 
(Publication Number: 6108787), hereinafter referred to as Anderson, in view of Powell 
(Patent Number: US 200200731 67 A1 ), hereinafter referred to as Powell. 

35. As per claim 4, Anderson teaches a system for selectively allowing access by a 
workstation connected to a plurality of networks to information in a network of the 
highest security level or in a selected network from one or more other networks of lower 
security levels, the system comprising: 

a. a switching unit for selectively routing connections for input devices to the 
workstation or to the selected network (Anderson, see inter alia, Figure 2 Element 16 
and Figure 3 Element 48); 

36. Anderson does not teach a plurality of programmable computer systems 
disposed in the plurality of networks, each of the programmable computer systenris : 
operable to execute applications under the control of the workstation. 
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37. Powell teaches: 

b. a plurality of programmable computer systems disposed in the plurality of 
networks, each of the programmable computer systems operable to execute 
applications under the control of the workstation (Powell, see inter alia, Parag [0225], 
Figure 1 , and Figure 8: Powell discloses the architecture of manage the local proxy 
servers from a central proxy server); 

38. It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Powell within the system of Anderson 
because (a) Anderson discloses the information diode architecture in a network 
environment using gateway for information filtering (Anderson, see inter alia, Figure 2 
and Column 5 Line 20 - 30) and Powell teaches Central / Local Proxy techniques and 
the common well-known purposes of the proxy server are filter information requests, 
improve performance, and share network connections; besides (b) Anderson discloses 
the issue that each pair of networks as a building block has an input device and switch 
in conjunction with the information diode (Anderson, see inter alia, Figure 3 Element 48) 
but however, any general or even special means is also applicable (Anderson, see inter 
alia, Column 6 Line 6-9 and Column 6 Line 45 - 48) and Powell teaches centralized 
command and control by using the remote session techniques (Powell, see inter alia, 
Parag [0225], Figure 1, and Figure 8). 

39. Powell as modified further teaches: 

c-1 . a plurality of diode servers disposed one each in each of the plurality of 
networks, each diode server in the one or more other networks connected to the 
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switching unit and at least one programmable computer system and operable as a 
proxy to connect the switching unit to a remotable session in the selected network 
(Powell, see inter alia, Parag [0225], Figure 1, and Figure 8), 
c-2 a selected diode server further operable to forward output from the remotable 
session to the network of the highest security level for display in a remote session 
viewer at the workstation (Anderson, see inter alia, Column 2 Line 53 - 59, Column 1 
Line 59 - 62, Figure 3 and Figure 8 & Powell, see inter alia, Parag [0225], Figure 1 , 
and Figure 8). 

d. one or more diodes disposed one each between a diode server in one of the one 
or more other networks and a diode server in the network of the highest security level 
so that information can flow only from the selected network to the network of the highest 
security level (Anderson, see inter alia, Column 2 Line 53 - 59, Column ttine-59 - 62, 
Figure 3 and Figure 8 & Powell, see inter alia, Parag [0225], Figure 1 , and Figure 8). 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 703-305-0710. 
The examiner can normally be reached on Monday-Friday 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Longbit Chai 
Examiner 
Art Unit 2131 
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